Symantec Endpoint Protection Management Plug-in for Kaseya

Article:TECH188106  |  Created: 2012-05-04  |  Updated: 2013-04-30  |  Article URL http://www.symantec.com/docs/TECH188106
Article Type
Technical Solution


Issue



You need to know how the Symantec Endpoint Protection Management Plug-in for Kaseya works. You want to know what the different components of the plug-in are, and what the key terms in the user interface mean.


Solution



This document includes the following information:

To install version 2.1 or version 2.0 of the plug-in, see the following knowledge base article:

Symantec Endpoint Protection Management Plug-in 2.0 or 2.1 for Kaseya

For instructions to install earlier versions of the plug-in, see the following knowledge base article:

Installing Symantec Endpoint Protection Management plug-in for Kaseya

Definitions of key terms
Term Definition
Endpoint

A computer that has been designated as an endpoint. A designated endpoint is marked to receive the Kaseya agent. If Symantec Endpoint Protection is installed on the endpoint, the endpoint is also managed by a specified Symantec Endpoint Protection Manager.

If you are working in the Endpoint Protection plug-in, this term refers only to endpoints that are running Endpoint Protection or need to have Endpoint Protection installed. In this context, it does not refer to all Kaseya endpoints.

Organization  The Kaseya organization to which an endpoint belongs.
 Infected

 The endpoint is infected with one or more malware items, and the infection is not yet cleaned by Symantec Endpoint Protection.

A reboot may be required, or the infection may not be able to be cleaned. This state is reported until all infections are cleaned.

 Content  Antivirus and antispyware definitions, signatures, and other information that Symantec Endpoint Protection uses to detect malware or intrusion attempts.
 Up-to-date  A Symantec Endpoint Protection client that reports content definitions not older than three days.
 Healthy  A Symantec Endpoint Protection client that is online and that reports not infected and up-to-date.
 At risk

 An endpoint that reports any of the following conditions:

  • Protection is not installed
  • Out-of-date
  • Protection technology disabled (antivirus or firewall)
  • Self-managed (not reporting to a management server)

At risk endpoints also do not report an infected state. Healthy, at risk, and infected states are mutually exclusive.

An offline endpoint is also at risk, but it is not included in the At risk totals (since it can’t be detected).

Back to top 

The following information is provided on individual pages of the plug-in user interface.

Servers page, top panel
Term Definition
System Name   

Windows host name of the endpoint.

Organization  The Kaseya organization to which an endpoint belongs.
 Last Content Status

 The status of the most recent attempt to download content from Symantec LiveUpdate servers. One of the following:

  • Successful
  • Failed
  • "No information found in last 3 days"
 Last Content Download Date  Date and time of the last successful download of content to the server.
 Server Software Version  Version of the Symantec Endpoint Protection Manager software that is running on this server.
 Operation System  Operating system on this server.
 IP Address

 IP address of the Endpoint Protection management server that is known to the Kaseya server. An Endpoint Protection server can have more than one IP address.

 Back to top

Servers page, Server Info tab

Includes information about endpoints that are managed by this server.

Term Definition
Up time 

The Kaseya uptime measurement.

 Last Content Status

 The status of the most recent attempt to download content from Symantec LiveUpdate servers. One of the following:

  • Successful
  • Failed
  • "No information found in last 3 days"
 Last Content Download Date  Date and time of the last successful download of content to the server.
 Total endpoints  Count of endpoints known to the Kaseya server that report to this Endpoint Protection management server, as determined by the server's IP address
 Currently infected  Count of endpoints managed by this server that report an infected state.
 Healthy endpoints

 Count of endpoints managed by this server that report a healthy state.

 Offline endpoints  Count of endpoints managed by this Endpoint Protection server that are offline to the Kaseya server
At risk endpoints

 Count of endpoints managed by this server that report any at risk state.

These endpoints may report more than one state that marks them as at risk.

At Risk Details  
Out of date  Count of at risk endpoints that report that the date of their protection content is more than three days ago.
Protection disabled  Count of at risk endpoints that report that any protection technology (antivirus or firewall) is disabled. 
Self-managed  Count of endpoints in the organization that do not report to any Endpoint Protection management server (do not report a management server IP address). This is the only number on this page that is not filtered by the selected Endpoint Protection server.

Back to top

Servers page, Licensing tab

Includes information about the Symantec Endpoint Protection licenses that are reported on the management server..

Term Definition
Seats currently licensed

Total number of licensed seats that are available on this server.

 Seats used

 Count of endpoints that report to this server (assuming that the number of seats used is less than or equal to the number of currently licensed seats).

 License type  One of the following: Trial, Upgrade, Purchased.
 Seats in License  The number of seats that this individual license contains. 
 Expires on  The expiration date of the individual license.

Back to top

Servers page, Organization Info tab

Includes information about the Kaseya Organization that this Endpoint Protection management server is part of.

Term Definition
Organization

The Kaseya organization to which the server belongs.

 Total endpoints  Count of endpoints known to the Kaseya server that report to this Endpoint Protection management server, as determined by the server's IP address
 Currently infected  Count of endpoints managed by this server that report an infected state.
 Healthy endpoints

 Count of endpoints managed by this server that report a healthy state.

 Offline endpoints  Count of endpoints managed by this Endpoint Protection server that are offline to the Kaseya server
At risk endpoints

 Count of endpoints managed by this server that report any at risk state.

These endpoints may report more than one state that marks them as at risk.

At Risk Details  
Out of date  Count of at risk endpoints that report that the date of their protection content is more than three days ago.
Not installed  Count of endpoints in the organization that do not have the Symantec Endpoint Protection client software installed. 
Protection disabled  Count of at risk endpoints that report that any protection technology (antivirus or firewall) is disabled. 
Self-managed  Count of endpoints in the organization that do not report to any Endpoint Protection management server (do not report a management server IP address). This is the only number on this page that is not filtered by the selected Endpoint Protection server.

Back to top

 Servers page, Managed Endpoints tab

Provides the same information as on the Endpoints page, but filtered to report on endpoints that are managed by this Endpoint Protection management server.

See the explanation of the Endpoints page.

Servers page, Client Communication tab

Provides information about the client communication files that are used by the endpoints to communicate with this Endpoint Protection management server. You can export the client communication file from the management server in the Symantec Endpoint Protection Manager console. See the Symantec Endpoint Protection documentation for more information.

You can then upload the client communication file to the Kaseya server by clicking the Upload file link. You can add a comment to the file for future reference. The client communication file is used as part of the agent installation.

Servers page, Install Agents tab

Lists all endpoints in the Kaseya network. To filter for the endpoints to install the agent on, you can sort by organization, by computer name, or by client software version.

Select the endpoints to install on, and click Install Client. The appropriate 32-bit or 64-bit package will automatically be applied. You will be asked to choose the appropriate client communication file (sylink.xml) to associate with this installation.

To install, you must first export the client package by using the Client Deployment Wizard in the Symantec Endpoint Protection Manager console. Select the option to save the package locally.

Then, upload the client package to the Kaseya server. Go to Configuration > Client Deployment and choose Upload client install package

Servers page, Server Log tab

Lists events from the Windows Event Log on the Symantec Endpoint Protection management server. Click any column header to sort the list.

Servers page, Audit Log tab

Lists actions performed on the Endpoint Protection management server from the Kaseya plug-in. Example actions include calculating license state, or adding a new client communication file.

Back to top

Endpoints page, top panel

Note: The plug-in provides detailed information only for endpoints that run Symantec Endpoint Protection version 12.1.1xxx or later. For endpoints that run earlier versions, only the software version number is available.

Term Definition
Organization  The Kaseya organization to which an endpoint belongs.
 Role

 Server or Endpoint.

Symantec recommends that the Endpoint Protection client be installed on all servers, including the Endpoint Protection management server.

 Protection Status

 Enabled or Disabled, as reported by the endpoint.

 If either antivirus or firewall protection is disabled, the protection status is Disabled.

 Infection Status  A checkmark if the endpoint is not infected. Infected if the endpoint is infected.
 Install Status

 Installed or Not Installed.

Whether the Endpoint Protection client is installed on the endpoint.

 Content status

 Whether the content on the endpoint is up to date.

Last Successful Scan Date and time that the client software on the endpoint last completed a scan.
Managed by

The domain name or IP address of the Endpoint Protection management server that manages the endpoint.

Self if the endpoint is self-managed (not reporting to any management server)

If IP address, the Endpoint Protection management server is not known to the Kaseya server.

Client Software Version

The version of the protection software that is installed on the endpoint.

For versions earlier than 12.1.1xxx, this is the only information that can be provided about the endpoint.

Operating System Operating system of the endpoint.
IP Address IP address of the endpoint. If the endpoint has more than one IP address, the IP address that is known to the Kaseya server.
Last Check-in The last time that the endpoint reported state and event information about the Endpoint Protection client software to the Kaseya plug-in.

 Back to top

Endpoints page, Endpoint Info tab

Provides the same information as in the top panel, per endpoint. Additional information includes the computer name, and whether the endpoint requires a reboot.

A reboot may be required by installation or upgrade of the client software, or by a malware infection having been cleaned.

Endpoints page, Organization Info tab

Includes information about the Kaseya Organization that the endpoint belongs to. Provides the same information that is described for the Servers page, Organization Info tab.

Endpoints page, Endpoint Log tab

Lists events from the Windows Event Log on the endpoint. Click any column header to sort the list.

Endpoints page, Audit Log tab

Lists actions performed on the endpoint from the Kaseya plug-in. Example actions include calculating endpoint health, or marking a computer as an endpoint.

Back to top




Article URL http://www.symantec.com/docs/TECH188106


Terms of use for this information are found in Legal Notices